According to ESET, a previously undisclosed modular malware family targeting Linux systems was employed in targeted attacks to collect credentials and obtain access to victim systems.
The malware family, dubbed FontOnLake, uses a rootkit to hide its existence and uses various command and control servers for each copy, demonstrating how careful its operators are to keep a low profile.
Last May, the first malware samples from this family surfaced. The malware was originally described as the HCRootkit / Sutersu Linux rootkit by Avast and Lacework, as well as the Tencent Security Response Center in a February report.
To Read More: securityweek